EUVD-2025-198896

An issue in the size query parameter /views/file.py of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute a path traversal via a crafted request...

CVE-2025-56423

An issue in Austrian Academy of Sciences AW Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attacker to obtain sensitive information via the login error messages...

Austrian Academy of Sciences OpenAtlas 安全漏洞

Austrian Academy of Sciences OpenAtlas is a database application dealing with archaeology and history organized by the Austrian Academy of Sciences in Austria. A security vulnerability exists in Austrian Academy of Sciences OpenAtlas version 8.12.0 that stems from a login error message that could...

CVE-2025-60916

CVE-2025-60916 is a reflected XSS vulnerability in Austrian OpenAtlas. The issue affects the /overview/network/ endpoint prior to OpenAtlas v8.12.0, where an attacker can inject a crafted payload into the charge parameter to execute arbitrary JavaScript in a user’s browser. The Red Hat/EU ENISA/O...

CVE-2025-60917

A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the color parameter...

PT-2025-47933

A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the color parameter...

CVE-2023-0081

The MonsterInsights WordPress plugin before 8.12.1 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

PT-2022-26971 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.12 Splunk Enterprise versions prior to 8.2.9 Splunk Enterprise versions prior to 9.0.2 Description: The issue allows for a Reflected Cross Site Scripting via JavaScript Object Notation JSON in a query...

SafeNet KeySecure Management Console 注入漏洞

SafeNet KeySecure Management is a secure software package from SafeNet USA. A security vulnerability exists in SafeNet KeySecure Management Console that stems from the vulnerability of version 8.12.0 of SafeNet KeySecure Management Console to HTTP response splitting attacks. A remote attacker can...

PT-2018-2144 · Mysql Server +1 · Mysql Connectors +1

Name of the Vulnerable Software and Affected Versions: MySQL Connectors versions 8.0.12 and prior Description: The issue is related to insufficient access control in the Connector/J subcomponent of the MySQL Connectors system. It allows a remote attacker to gain unauthorized access to protected...